CVE-2021-42171

HIGH

Zenario < 9.0.55143 - Unauthenticated Remote Code Execution via File Upload

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2021-42171. PoCs published by minhnq22.

AI-analyzed exploit summary: This exploit demonstrates an authenticated RCE vulnerability in Zenario CMS 9.0.54156 by uploading a malicious DOCX file containing embedded PHP code. The exploit first authenticates to the CMS, then leverages the document upload functionality to achieve remote code execution.

Description

Zenario CMS 9.0.54156 is vulnerable to File Upload. The web server can be compromised by uploading and executing a web-shell which can run commands, browse system files, browse local resources, attack other servers, and exploit the local vulnerabilities, and so forth.

Exploits (2)

exploitdb WORKING POC
by minhnq22 · python · webapps · php
https://www.exploit-db.com/exploits/50850

This exploit demonstrates an authenticated RCE vulnerability in Zenario CMS 9.0.54156 by uploading a malicious DOCX file containing embedded PHP code. The exploit first authenticates to the CMS, then leverages the document upload functionality to achieve remote code execution.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Zenario CMS 9.0.54156
Auth required
Prerequisites: Valid credentials for the Zenario CMS admin panel · Network access to the target system
devstral-2 · analyzed Feb 18, 2026

nomisec WORKING POC
by minhnq22 · poc
https://github.com/minhnq22/CVE-2021-42171

This exploit demonstrates an authenticated file upload vulnerability in Zenario CMS 9.0.54156, leading to remote code execution via a malicious DOCX file upload. The PoC includes authentication, session handling, and payload delivery.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Zenario CMS 9.0.54156
Auth required
Prerequisites: Valid admin credentials · Network access to the target
devstral-2 · analyzed Feb 16, 2026

References (3)

Core References
Exploit, Issue Tracking, Third Party Advisory x_refsource_misc
https://github.com/hieuminhnv/Zenario-CMS-9.0-last-version/issues/2

Scores

CVSS v3: 7.2
EPSS: 0.1781
EPSS Percentile: 95.3%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

CWE: CWE-434
Status: published
Products (2)
tribalsystems/zenario 9.0.54156
tribalsystems/zenario 0 - 9.0.55143 (Packagist)
Published: Mar 14, 2022
Tracked Since: Feb 18, 2026